Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0ef99f39-5c5c-4bb6-9e15-9baa9a993e2c.roa
File:                     0ef99f39-5c5c-4bb6-9e15-9baa9a993e2c.roa (raw, json)
Hash identifier:          b6bhMQkasokNx4eKbOZex+3xT9chk+79RuPNdhELqUs=
Subject key identifier:   E9:83:FB:1B:84:68:AE:D5:49:7C:07:60:D6:58:3D:AA:BE:08:B0:CB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6D35B71F5B753868713E61656B020B911154EF12
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0ef99f39-5c5c-4bb6-9e15-9baa9a993e2c.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.154.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:35:b7:1f:5b:75:38:68:71:3e:61:65:6b:02:0b:91:11:54:ef:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=3ad7dfc276f22ffa74a558a711a182110b70263091ba609cbe7a59febb8f0fef, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:c3:c6:13:01:fc:ba:00:82:75:65:56:75:ab:
                    37:91:2b:29:7b:91:6a:5c:4c:c6:7e:1e:26:69:b9:
                    88:33:75:8b:77:a2:9b:57:f6:9f:97:97:58:de:38:
                    fd:cc:08:33:78:80:37:c8:1b:74:d5:9b:9f:2c:13:
                    ec:5c:85:7b:94:1f:df:22:c0:5a:bc:3e:fd:ea:e2:
                    1a:dc:63:b0:76:43:45:c3:f9:b3:ed:de:1d:15:18:
                    fb:fd:41:2f:52:77:1e:1d:a1:28:58:e9:dd:00:c3:
                    cd:94:7c:a5:06:eb:80:28:38:3f:11:f4:b0:bf:52:
                    48:ba:b0:8d:03:4c:8d:89:27:62:cb:00:a9:24:fd:
                    23:da:5f:20:36:14:03:1f:af:f4:9e:a7:08:d2:4b:
                    3e:dc:1b:fc:80:34:f6:d7:be:73:40:0c:17:55:9c:
                    22:4a:fa:f1:1c:6f:0c:5d:02:aa:1a:e9:0f:0a:65:
                    ec:fe:2c:3f:79:2f:6a:02:a8:16:ae:8e:fb:d6:c3:
                    e1:97:1f:cc:48:45:ef:03:db:ae:dc:c6:5c:1b:ad:
                    ec:be:b8:90:86:d9:52:61:ce:ed:a1:a7:d7:e8:b0:
                    ed:ca:8e:8f:65:dc:2e:06:06:3b:e0:16:11:4c:1f:
                    b4:77:1c:a1:47:83:02:0b:64:59:40:0a:6d:ec:3b:
                    75:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:83:FB:1B:84:68:AE:D5:49:7C:07:60:D6:58:3D:AA:BE:08:B0:CB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0ef99f39-5c5c-4bb6-9e15-9baa9a993e2c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:6a:af:cd:79:c5:06:53:0b:43:b9:a0:56:ae:7e:26:41:42:
         c3:19:de:1d:09:a6:be:81:8b:da:1d:b0:db:6a:23:5a:e5:a1:
         51:db:06:6c:58:13:a1:9e:7e:38:dc:be:93:d0:8b:12:ef:0e:
         76:ae:07:2b:8a:8a:c5:a5:ac:13:e1:03:05:0f:4a:2b:08:d1:
         52:5b:e8:ba:4f:8a:98:56:9d:f3:6d:c4:11:49:94:63:c2:f5:
         9f:7c:ae:ff:1e:5a:81:a5:53:14:15:bb:d4:27:b5:84:0a:ee:
         79:d8:ea:5b:2a:69:d9:b3:d0:5c:2b:3b:da:42:38:99:44:06:
         4f:c8:a7:90:08:95:c6:6d:da:1d:af:ff:16:f9:09:24:52:6f:
         06:00:44:76:cd:bc:81:b2:78:c3:6a:f8:88:97:15:af:2f:55:
         43:fe:c7:f6:5c:7a:ce:e2:f2:6d:28:1c:13:eb:6a:2e:93:ac:
         7a:19:b4:42:fa:b6:b0:7d:51:02:b6:08:3f:62:55:7c:e0:66:
         6a:32:f3:a1:52:1a:61:e5:af:41:e1:0b:97:53:76:b7:8d:1e:
         04:d3:7b:ac:a5:de:1e:71:09:76:bf:a7:d4:25:7e:d4:a1:ae:
         00:f5:5f:57:02:c8:a0:5b:33:0c:78:a2:9c:48:fe:34:1e:f5:
         a4:65:d9:2d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbTW3H1t1OGhxPmFlawILkRFU7xIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzYWQ3ZGZjMjc2ZjIyZmZhNzRhNTU4YTcxMWExODIxMTBi
NzAyNjMwOTFiYTYwOWNiZTdhNTlmZWJiOGYwZmVmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAw8YTAfy6AIJ1ZVZ1qzeRKyl7kWpcTMZ+HiZpuYgzdYt3
optX9p+Xl1jeOP3MCDN4gDfIG3TVm58sE+xchXuUH98iwFq8Pv3q4hrcY7B2Q0XD
+bPt3h0VGPv9QS9Sdx4doShY6d0Aw82UfKUG64AoOD8R9LC/Uki6sI0DTI2JJ2LL
AKkk/SPaXyA2FAMfr/SepwjSSz7cG/yANPbXvnNADBdVnCJK+vEcbwxdAqoa6Q8K
Zez+LD95L2oCqBaujvvWw+GXH8xIRe8D267cxlwbrey+uJCG2VJhzu2hp9fosO3K
jo9l3C4GBjvgFhFMH7R3HKFHgwILZFlACm3sO3V9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6YP7G4RortVJfAdg1lg9qr4IsMswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBlZjk5ZjM5LTVjNWMtNGJiNi05ZTE1LTliYWE5YTk5M2UyYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTZowDQYJKoZIhvcNAQELBQADggEBADhqr815xQZTC0O5oFaufiZBQsMZ
3h0Jpr6Bi9odsNtqI1rloVHbBmxYE6GefjjcvpPQixLvDnauByuKisWlrBPhAwUP
SisI0VJb6LpPiphWnfNtxBFJlGPC9Z98rv8eWoGlUxQVu9QntYQK7nnY6lsqadmz
0FwrO9pCOJlEBk/Ip5AIlcZt2h2v/xb5CSRSbwYARHbNvIGyeMNq+IiXFa8vVUP+
x/Zces7i8m0oHBPrai6TrHoZtEL6trB9UQK2CD9iVXzgZmoy86FSGmHlr0HhC5dT
dreNHgTTe6yl3h5xCXa/p9QlftShrgD1X1cCyKBbMwx4opxI/jQe9aRl2S0=
-----END CERTIFICATE-----
Generated at Fri Sep 22 22:26:58 2023 by rpki-client on console-fra.rpki-client.org